nerdexam
Palo_Alto_Networks

PCCSA · Question #6

Match the common TCP/IP protocol with its corresponding port(s).

The options field is empty {}, so I'll explain the concept comprehensively covering all the protocols you'd typically see on this type of exam question. --- TCP/IP Protocol Port Matching Overall Goal Every network service listens on a numbered port so the OS knows which applicati

Network Security Fundamentals

Question

Match the common TCP/IP protocol with its corresponding port(s).

Exhibit

PCCSA question #6 exhibit

Explanation

The options field is empty {}, so I'll explain the concept comprehensively covering all the protocols you'd typically see on this type of exam question.


TCP/IP Protocol Port Matching

Overall Goal

Every network service listens on a numbered port so the OS knows which application should receive incoming packets. Memorizing these is foundational for networking exams (CompTIA Network+, Security+, CCNA, etc.) and real-world firewall/ACL configuration.


Common Protocol-to-Port Mappings

ProtocolPort(s)TransportPurpose
FTP20 (data), 21 (control)TCPFile transfer
SSH22TCPEncrypted remote shell
Telnet23TCPUnencrypted remote shell
SMTP25TCPSend email
DNS53UDP (primarily), TCPName resolution
DHCP67 (server), 68 (client)UDPIP address assignment
TFTP69UDPTrivial (lightweight) file transfer
HTTP80TCPUnencrypted web traffic
POP3110TCPRetrieve email (deletes from server)
IMAP143TCPRetrieve email (keeps on server)
HTTPS443TCPEncrypted web traffic (TLS)
SMB/CIFS445TCPWindows file sharing
RDP3389TCPWindows remote desktop
SNMP161 (queries), 162 (traps)UDPNetwork device monitoring
LDAP389TCP/UDPDirectory services
LDAPS636TCPLDAP over TLS
NTP123UDPTime synchronization

Why These Specific Port Numbers?

Most assignments below 1024 are well-known ports standardized by IANA. They aren't arbitrary - they were assigned historically as protocols were formalized. Ports 1024–49151 are registered ports; 49152–65535 are ephemeral/dynamic (used by clients for outbound connections).


What Goes Wrong Without This Knowledge

  • Firewalls misconfigured: Blocking port 443 breaks HTTPS; blocking 53 breaks DNS (internet stops working).
  • Security gaps: Leaving port 23 (Telnet) open exposes plaintext credentials. Port 22 (SSH) is the secure replacement.
  • Troubleshooting failures: netstat, nmap, and Wireshark output is meaningless if you can't read port numbers.

Memory Tips

MnemonicPorts
"FTP splits data/control"20/21
"SSH came after Telnet"22 > 23
"DNS = 53 (D=4th letter, 4+9=53... just memorize it)"53
"HTTP = 80, add S for SSL = 443"80 / 443
"RDP = 3389 (3 digits × 3 = remote desktop)"3389
"SMTP sends (25), POP3 picks up (110), IMAP inspects (143)"25 / 110 / 143

The cleanest study method: write each protocol on a flashcard with its port, transport layer (TCP vs UDP), and one-sentence purpose. UDP protocols are typically connectionless, lightweight services (DNS, DHCP, TFTP, SNMP, NTP).

Topics

#TCP/IP protocols#Port numbers#Common ports

Community Discussion

No community discussion yet for this question.

Full PCCSA Practice